The invention relates to the general field of dematerializing documents of title, otherwise known as “electronic tickets”, and it relates more particularly to field of application in which electronic tickets are to be stored in a mobile terminal suitable for presenting said ticket in order to enable its user to have access to goods or more generally to a service.
A preferred but non-limiting application of the invention lies in applications where the mobile terminal presents the electronic ticket by using a near-field communication technique.
So-called “near-field” communication techniques are becoming widespread, and the technique that is the most used at present in mobile telephony is known by the acronym NFC.
In particular, transport services are known in which the users of public transport make use of a dedicated application on a mobile terminal in order to purchase electronic tickets and in order to validate a ticket on entering a bus or a tram by placing the mobile terminal close to an access control device suitable for communicating with the mobile terminal, or rather with a secure element of the mobile terminal such as its subscriber identity module (SIM) card, by using NFC means both in order to obtain the electronic ticket and in order to verify that it is valid.
An experimental service is also known for dematerializing tickets that give access to stadiums; the tickets are stored in the secure SIM cards of mobile terminals.
In the field of banking, payment services are also known in which certain banks have deployed contactless electronic payment terminals (EPTs) with traders that can be used equally well with a bank card and with an NFC mobile terminal having a secure element such as the SIM card.
The document “mCoupons: an application for near-field communication (NFC)” by Sandra Dominikus and Manfred Aigner, published under the number 0-7965-2847-3/07 at the 21st International Conference of the AINAW'07 in 2007 describes a system in which the user obtains an electronic coupon from an “issuer” first entity and cashes in the electronic coupon with a “cashier” second entity, the mobile terminal communicating with these two entities via NFC type means.
That document describes a method of making the system secure in which the “cashier” entity authenticates the mobile terminal by asking it to sign a challenge using its own private key and by verifying the signed challenge by using the public key of the mobile terminal as obtained from a public key server PKI.
That system presents a drawback in that the “cashier” entity with which the user cashes in the electronic coupon must be able to access the key server PKI in order to obtain the public key of the mobile terminal. Consequently, such a system cannot be extended to controlling access to services and premises that are not connected to a network.
The invention proposes a system for controlling access to a server by the user of a mobile terminal by validating an electronic ticket but without presenting such a drawback.